Umer, Running p0f does not necessarily offer a stimulus/response test. Regarding detecting a machine with p0f installed/running, you may have better success simply trying to detect for any network adapter in promiscuous mode. And there's tons of info available on that... HTH, -jeff parker -----Original Message----- From: full-disclosure-adminat_private [mailto:full-disclosure-adminat_private] On Behalf Of thetic Sent: Thursday, September 04, 2003 2:20 PM To: Michal Zalewski; honeypotsat_private; pen-testat_private; focus-idsat_private; sectoolsat_private Cc: incidentsat_private; bugtraqat_private; full-disclosureat_private Subject: [Full-Disclosure] Re: [tool] the new p0f 2.0.1 is now out Question concerning the the POF, how can we setup a IDS to detect a POF scan. umer _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
This archive was generated by hypermail 2b30 : Thu Sep 04 2003 - 13:34:43 PDT